diff options
| author | syuilo <syuilotan@yahoo.co.jp> | 2020-03-28 19:52:41 +0900 |
|---|---|---|
| committer | syuilo <syuilotan@yahoo.co.jp> | 2020-03-28 19:52:41 +0900 |
| commit | f014a79f8dbb101a80d638d025a27bbb5ea02575 (patch) | |
| tree | cc8af5c152e6470cddf1f34d083e2e0e222e7610 /src/server/api/call.ts | |
| parent | Merge branch 'develop' (diff) | |
| parent | 12.27.0 (diff) | |
| download | sharkey-f014a79f8dbb101a80d638d025a27bbb5ea02575.tar.gz sharkey-f014a79f8dbb101a80d638d025a27bbb5ea02575.tar.bz2 sharkey-f014a79f8dbb101a80d638d025a27bbb5ea02575.zip | |
Merge branch 'develop'
Diffstat (limited to 'src/server/api/call.ts')
| -rw-r--r-- | src/server/api/call.ts | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/server/api/call.ts b/src/server/api/call.ts index 37bcf7ce16..7911eb9b49 100644 --- a/src/server/api/call.ts +++ b/src/server/api/call.ts @@ -4,7 +4,7 @@ import { User } from '../../models/entities/user'; import endpoints from './endpoints'; import { ApiError } from './error'; import { apiLogger } from './logger'; -import { App } from '../../models/entities/app'; +import { AccessToken } from '../../models/entities/access-token'; const accessDenied = { message: 'Access denied.', @@ -12,8 +12,8 @@ const accessDenied = { id: '56f35758-7dd5-468b-8439-5d6fb8ec9b8e' }; -export default async (endpoint: string, user: User | null | undefined, app: App | null | undefined, data: any, file?: any) => { - const isSecure = user != null && app == null; +export default async (endpoint: string, user: User | null | undefined, token: AccessToken | null | undefined, data: any, file?: any) => { + const isSecure = user != null && token == null; const ep = endpoints.find(e => e.name === endpoint); @@ -51,7 +51,7 @@ export default async (endpoint: string, user: User | null | undefined, app: App throw new ApiError(accessDenied, { reason: 'You are not a moderator.' }); } - if (app && ep.meta.kind && !app.permission.some(p => p === ep.meta.kind)) { + if (token && ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) { throw new ApiError({ message: 'Your app does not have the necessary permissions to use this endpoint.', code: 'PERMISSION_DENIED', @@ -73,7 +73,7 @@ export default async (endpoint: string, user: User | null | undefined, app: App // API invoking const before = performance.now(); - return await ep.exec(data, user, app, file).catch((e: Error) => { + return await ep.exec(data, user, token, file).catch((e: Error) => { if (e instanceof ApiError) { throw e; } else { |